/*
 *    Copyright (c) 2018-2025, lengleng All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 * Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 * Neither the name of the pig4cloud.com developer nor the names of its
 * contributors may be used to endorse or promote products derived from
 * this software without specific prior written permission.
 * Author: lengleng (wangiegie@gmail.com)
 */

package com.liycloud.common.security.mobile;

// pigx
import com.liycloud.common.security.component.PigxCommenceAuthExceptionEntryPoint;
import com.liycloud.common.security.service.PigxUserDetailsService;

import lombok.Getter;
import lombok.Setter;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.beans.factory.annotation.Autowired;

// spring-security
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.AuthenticationManager;

import org.springframework.security.config.annotation.SecurityConfigurerAdapter;  // 安全配置器
import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.web.DefaultSecurityFilterChain;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/**
 * @author lengleng
 * @date 2018/8/5 手机号登录配置入口,   继承安全配置适配器
 */
@Getter
@Setter
public class MobileSecurityConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {

	// 对象映射器
	@Autowired
	private ObjectMapper objectMapper;


	// 认证事件推送器
	@Autowired
	private AuthenticationEventPublisher defaultAuthenticationEventPublisher;


	// 手机登录成功处理器
	@Autowired
	private AuthenticationSuccessHandler mobileLoginSuccessHandler;


	// 用户服务
	@Autowired
	private PigxUserDetailsService userDetailsService;


	/**
	 * 核心配置方法
	 */
	@Override
	public void configure(HttpSecurity http) {

		// 获取认证管理器
		AuthenticationManager authenticationManager = http.getSharedObject(AuthenticationManager.class);

		// 手机认证过滤器Filter
		MobileAuthenticationFilter mobileAuthenticationFilter = new MobileAuthenticationFilter();

		mobileAuthenticationFilter.setAuthenticationManager(authenticationManager);
		mobileAuthenticationFilter.setAuthenticationSuccessHandler(mobileLoginSuccessHandler);
		mobileAuthenticationFilter.setEventPublisher(defaultAuthenticationEventPublisher);
		mobileAuthenticationFilter.setAuthenticationEntryPoint(new PigxCommenceAuthExceptionEntryPoint(objectMapper));


		// 通过源码可知  spring-security 的认证工作是由各种 Provider 来执行的, 这里构建手机认证 Provider
		MobileAuthenticationProvider mobileAuthenticationProvider = new MobileAuthenticationProvider();
		mobileAuthenticationProvider.setUserDetailsService(userDetailsService);



		http.authenticationProvider(mobileAuthenticationProvider)  // 添加手机认证 Provider

				// 注意这里的方法( 要添加的 Filter,  指定的 filter 之后 )
				.addFilterAfter(mobileAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
	}

}
